Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Monitoring Policy Statistics

    Purpose

    Monitor and record traffic that Junos OS permits or denies based on previously configured policies.

    Action

    To monitor traffic, enable the count and log options.

    Count—Configurable in an individual policy. If count is enabled, statistics are collected for the number of packets, bytes, and sessions that enter the firewall for a given policy. For counts (only for packets and bytes), you can specify that alarms be generated whenever the traffic exceeds specified thresholds.

    Log—Logging capability can be enabled with security policies during session initialization (session-init) or session close (session-close) stage.

    • To view logs from denied connections, enable log on session-init.
    • To log sessions after their conclusion/tear-down, enable log on session-close.

    Note: Session log is enabled at real time in the flow code which impacts the user performance. If both session-close and session-init are enabled, performance is further degraded as compared to enabling session-init only.

    For details about information collected for session logs, see Information Provided in Session Log Entries for SRX Series Services Gateways.

     

    Related Documentation

     

    Published: 2012-06-29

    Previous Page Next Page